ID: 10518
Updated by: derick
Reported By: [EMAIL PROTECTED]
Old-Status: Assigned
Status: Closed
Bug Type: mcrypt related
PHP Version: 4.0.4pl1
Assigned To: derick
Comments:
I applied your fix in CVS. Thanks!
Previous Comments:
---------------------------------------------------------------------------
[2001-04-28 12:39:48] [EMAIL PROTECTED]
Same bug also in php_mcrypt_do_crypt, here's the new patch:
--- php-4.0.4pl1/ext/mcrypt/mcrypt.c Wed Nov 22 22:40:15 2000
+++ php-4.0.4pl1-sk/ext/mcrypt/mcrypt.c Sat Apr 28 18:44:09 2001
@@ -498,7 +498,7 @@
convert_to_string_ex (data);
/* Check blocksize */
- if (mcrypt_enc_is_block_algorithm (td) == 1) { /* It's a block algorithm */
+ if (mcrypt_enc_is_block_mode (td) == 1) { /* It's a block algorithm */
block_size = mcrypt_enc_get_block_size (td);
data_size = (((Z_STRLEN_PP(data) - 1) / block_size) + 1) * block_size;
data_s = emalloc (data_size);
@@ -539,7 +539,7 @@
convert_to_string_ex (data);
/* Check blocksize */
- if (mcrypt_enc_is_block_algorithm (td) == 1) { /* It's a block algorithm */
+ if (mcrypt_enc_is_block_mode (td) == 1) { /* It's a block algorithm */
block_size = mcrypt_enc_get_block_size (td);
data_size = (((Z_STRLEN_PP(data) - 1) / block_size) + 1) * block_size;
data_s = emalloc (data_size);
@@ -1280,7 +1280,7 @@
}
/* Check blocksize */
- if (mcrypt_enc_is_block_algorithm (td) == 1) { /* It's a block algorithm */
+ if (mcrypt_enc_is_block_mode (td) == 1) { /* It's a block algorithm */
block_size = mcrypt_enc_get_block_size (td);
data_size = (((Z_STRLEN_PP(data) - 1) / block_size) + 1) * block_size;
data_s = emalloc (data_size);
---------------------------------------------------------------------------
[2001-04-26 19:39:06] [EMAIL PROTECTED]
thx, will look into this soon
---------------------------------------------------------------------------
[2001-04-26 18:28:36] [EMAIL PROTECTED]
When encrypting using a block cipher and cfb or ofb mode the
mcrypt_generic/mdecrypt_generic function
still pad the input to a multiple of the underlying algorithm's block size. Input
should not be padded when used with
cfb or ofb mode.
Script showing the bug:
$key = pack("H*",
"0000000000000000000000000000000000000000000000000000000000000000");
$iv = pack("H*", "00000000000000000000000000000000");
$plain = pack("H*", "0000000000000000");
$handle = mcrypt_module_open(MCRYPT_TWOFISH, "", MCRYPT_MODE_CFB, "");
mcrypt_generic_init($handle, $key, $iv);
$crypted = mcrypt_generic($handle, $plain);
mcrypt_generic_end($handle);
print bin2hex($plain)."nn";
print bin2hex($crypted)."nn";
Proposed patch:
--- mcrypt/mcrypt.c Wed Nov 22 22:40:15 2000
+++ mcrypt-sk/mcrypt.c Fri Apr 27 00:25:16 2001
@@ -498,7 +498,7 @@
convert_to_string_ex (data);
/* Check blocksize */
- if (mcrypt_enc_is_block_algorithm (td) == 1) { /* It's a block algorithm */
+ if (mcrypt_enc_is_block_mode (td) == 1) { /* It's a block algorithm */
block_size = mcrypt_enc_get_block_size (td);
data_size = (((Z_STRLEN_PP(data) - 1) / block_size) + 1) * block_size;
data_s = emalloc (data_size);
@@ -539,7 +539,7 @@
convert_to_string_ex (data);
/* Check blocksize */
- if (mcrypt_enc_is_block_algorithm (td) == 1) { /* It's a block algorithm */
+ if (mcrypt_enc_is_block_mode (td) == 1) { /* It's a block algorithm */
block_size = mcrypt_enc_get_block_size (td);
data_size = (((Z_STRLEN_PP(data) - 1) / block_size) + 1) * block_size;
data_s = emalloc (data_size);
---------------------------------------------------------------------------
ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=10518&edit=2
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
